Chapter 13 Health PolicyThe Health Insurance Portability and Accountability Act (HIPAA) was landmark legislation when signed into law by President Bill Clinton in 1996. The primary components of HIPAA affecting health information technology (HIT) and clinical information systems (CIS) are the Privacy and Security Rules.

Chapter 13: Health PolicyThe Health Insurance Portability and Accountability Act (HIPAA) was landmark legislation when signed into law by President Bill Clinton in 1996. The primary components of HIPAA affecting health information technology (HIT) and clinical information systems (CIS) are the Privacy and Security Rules. In 2009, President Barack Obama signed the American Recovery and Reinvestment Act (ARRA), which contained the Health Information for Economic and Clinical Health (HITECH) Act. The HITECH Act solidified the relationship between healthcare entities and data-sharing partners by extending HIPAA’s jurisdiction to include business associates. Furthermore, the HITECH Act has ushered in numerous efforts to digitize health information and clinical data and foster interoperability.IntroductionThe interpretation of this federal legislation is complicated by its lack of clear implementation guidance, which perplexes healthcare managers and business associates. For example, workforce providers, such as regulators, and analysts believed that several provisions of the original HIPAA health policy were unworkable or would result in unintended consequences. For example, the rulemaking provided an opportunity to correct problems and to integrate congressional directives under the HITECH Act and the Genetic Information Nondiscrimination Act (GINA) of 2008 (Rothstein, 2013). Updates to HIPAA, from the HITECH Act and GINA, require health care organizations to create or modify policies, procedures, and compliance programs. Additionally, the rise in popularity of direct-to-consumer options such as prenatal, ancestral, and personal genetic testing services pose an unprecedented challenge for health systems already struggling to keep pace with the rapid advances of computer and medical technologies.Case Report
Essentials of the U.S. Health Care System, Fifth EditionLeiyu Shi and Douglas SinghCase StudyCopyright © 2019 by Jones & Bartlett Learning, LLC, an Ascend Learning Company2Located in the heart of Silicon Valley, 23andMe was founded in 2006, in Mountain View, California. 23andMe offers consumer-direct genetic services such as personal genomic sequencing and analysis. The success of 23andMe is a direct result of the desire of consumers to become active participants in managing their health and wellness. The implications of the rising popularity of personal genomics is the shift of knowledge and subject-matter expertise toward patients and away from health systems. The enactment of GINA gave genetic determinants of health and testing federally protected status. Furthermore, specific restrictions mandate when such information can be disclosed to health insurers and employers. GINA required the Department of Health and Human Services (HHS) to amend the HIPAA Privacy Rule that prohibits health plans, health insurers, and health maintenance organizations from using genetic information for underwriting purposes (Silver & Clark, 2013). The GINA regulations also prohibit unauthorized disclosure and use of genetic health information without the patient’s written consent. Hospitals, primary care providers, and specialty physicians must update policies and procedures regarding routine disclosures and release consent forms. For example, in addition to ancestral tracing, personal testing can include the identification of the possibility of genetic diseases and risk assessments as it relates to health, wellness, and the probability of transmitting traits to progeny. Health system administrators and professionals must now align policy and procedures to reinforce these new realities in the delivery of health services.DiscussionModernization of HIPAA through the HITECH and GINA statutes promotes patient privacy, confidentiality, and security of electronic personal health information (ePHI). The updates improve the continuity of care within healthcare organizations governed by federal legislation and regulations for safeguarding data. Furthermore, implementation of state-of-the-art CIS Essentials of the U.S. Health Care System, Fifth EditionLeiyu Shi and Douglas SinghCase StudyCopyright © 2019 by Jones & Bartlett Learning, LLC, an Ascend Learning Company3technology with robust decision support intelligence is a best clinical practice for information security, data integrity, and patient confidentiality. These recent changes in federal health policy closed loopholes in existing law and have created a culture of compliance for managing and maintaining personal genetic data from genomic testing services such as 23andMe.ConclusionRapid advances in genetic science and sequencing technology will continue to pressure health systems and public health policies to stay current and relevant in a dynamic environment. Historically, government policy has enacted legislation to administer and implement healthcare reform programs that enhance data sharing while protecting the privacy and confidentiality of the shared information. Good health policy must have a mandate to stop unsafe and unfair business practices by medical providers and health insurance companies. Key reform policies to safeguard the influx of personal genomic information represent the minimum standards that industry professionals must implement and adopt through the health system.Questions1. Why is it important to safeguard patients’ genetic information from employers and insurance underwriters? Be sure to include an example from the text or an outside peer-reviewed reference in your answer.2. Research and discuss a component of GINA and how it protects patient privacy and confidentiality.3. What are the future implications for consumer health information related to privacy and confidentiality of personal genomic data?